According to gtoal@gtoal.com: > :4) if you are really paranoid, Shamir share the keys; Please explain this to me. What is "Shamir?" The reference is to the following paper: @article{sharesecret, author = {Adi Shamir}, journal = {Communications of the ACM}, number = {11}, pages = {612--613}, title = {How to Share a Secret}, volume = {22}, year = {1979} } More generally, see the article on shared control systems: @incollection{Simmons92, author = {Gustavus J. Simmons}, title = {An Introduction to Shared Secret and/or Shared Control Schemes and Their Application}, booktitle = {Contemporary Cryptology: The Science of Information Integr ity}, year = 1992, pages = {441--497}, editor = {Gustavus J. Simmons}, publisher = {{IEEE} Press} } I'm especially fond of this article: @article{sealing, author = {David K. Gifford}, journal = {Communications of the ACM}, number = {4}, pages = {274--286}, title = {Cryptographic Sealing for Information Secrecy and Authentication}, volume = {25}, year = {1982} } since it shows how to implement a variety of access mechanisms, including key-AND, key-OR, m-of-n, etc. > :6) periodically send messages to the boxes where you have stashed > :your files, saying "Everything is still cool, don't wipe my files > :or my keys."; Folks who contemplate such schemes should investigate the false alarm rate. Most automated systems experience a much higher rate of false triggers than true. Of course, as described here, you'd only get one, since your data would be gone after that...